If you are not familiar with the Heartbleed Bug that surfaced this month, here is what you should you know. This is important information for anyone who has accounts with any of the below listed affected websites and the full list should be viewed as well to make sure your accounts and personal information are not exposed.
What is it?
- It is a virus that makes certain versions of the popular OpenSSL(Secure Socket Layer) websites information vulnerable to more easily expose log-in and password information for internet hackers and thieves.
- It affects some web addresses that begin with “https.”
Who was affected?
- Most financial institutions do not use the OpenSSl protocol, however there were thousands of sites affected, though there is no documented evidence of an actual data breach.
- Anyone with an account with the following may have been exposed to the Heartbleed Bug: Yahoo, Gmail, Flickr, Instagram, Pinterest, Facebook. These are some of the more popular but it is far from limited to this list
- Many companies have responded by sending emails or putting alerts on the account to request that you change your password or notifying users that their website was not exposed or the issue has been resolved.
What can I do?
- Promote safe and secure passwords that are changed often on your online accounts.
- Use different passwords for the multiple sites you have an account with.
- Re-set passwords only after the provider has fixed the vulnerabilities.
- Keep a close eye on your transactions.
- Check sites where you have an account and change passwords for the following: financial institutions, shopping sites, any website with auto debit set up, web mail providers, and social networks.
How can I check on what sites were and are still affected?
- Check this continually updated site of affected websites at Github Heartbleed Masstest.
- You can also enter a web address and have this site check the security of that link by doing a Heartbleed Test.